VirTool:Win32/VBInject.TE

Summary

VirTool:Win32/VBInject.TE is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:

Threat behavior

VirTool:Win32/VBInject.TE is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis.

A malicious file is generally encrypted and/or compressed and stored inside another program, which decodes the malicious file and loads it. The malicious program may be injected into a clean process or loaded in a new process of its own. Unlike a “dropper”, the malicious executable is never written to disk as a separate file.

Malicious programs detected as VirTool:Win32/VBInject.TE can have virtually any purpose, as this technique is utilized by many different malware families in the wild in order to protect them from detection or analysis.

Prevention

VirTool:Win32/VBInject.TE is a generic detection for certain forms of obfuscated malware. The loader is written in Visual Basic and the malicious code is stored encrypted. The original file behaves as a loader for the encrypted malicious code, thus the code could have virtually any purpose.

There are no common symptoms associated with this threat. Alert notifications from installed antivirus software may be the only symptoms.